setup page

2020-06-02 10:40:21 +02:00 · 2020-06-02 10:40:21 +02:00 · 0df86b940f
commit 0df86b940f
parent 81c3707090
4 changed files with 48 additions and 2 deletions
--- a/cookbook/forms.py
+++ b/cookbook/forms.py
@ -270,3 +270,9 @@ class MealPlanForm(forms.ModelForm):
        }

        widgets = {'recipe': SelectWidget, 'date': DateWidget, 'shared': MultiSelectWidget}
+
+
+class SuperUserForm(forms.Form):
+    name = forms.CharField()
+    password = forms.CharField(widget=forms.TextInput(attrs={'autocomplete': 'new-password', 'type': 'password'}))
+    password_confirm = forms.CharField(widget=forms.TextInput(attrs={'autocomplete': 'new-password', 'type': 'password'}))
--- a/cookbook/templates/setup.html
+++ b/cookbook/templates/setup.html
@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% load crispy_forms_tags %}
+{% load crispy_forms_filters %}
 {% load static %}
 {% load i18n %}

@ -11,6 +11,13 @@

 {% block content %}

+    <h1>{% trans 'Setup' %}</h1>
+    <p>{% blocktrans %}To start using this application you must first create a superuser.{% endblocktrans %}</p>

+    <form action="." method="post">
+        {% csrf_token %}
+        {{ form|crispy }}
+        <button class="btn btn-success" type="submit"><i class="fas fa-save"></i> {% trans 'Create Superuser' %}</button>
+    </form>

 {% endblock %}
--- a/cookbook/urls.py
+++ b/cookbook/urls.py
@ -8,6 +8,7 @@ from cookbook.helper import dal

 urlpatterns = [
    path('', views.index, name='index'),
+    path('setup/', views.setup, name='view_setup'),
    path('search/', views.search, name='view_search'),
    path('books/', views.books, name='view_books'),
    path('plan/', views.meal_plan, name='view_plan'),
--- a/cookbook/views/views.py
+++ b/cookbook/views/views.py
@ -2,8 +2,10 @@ import copy
 from datetime import datetime, timedelta

 from django.contrib import messages
-from django.contrib.auth import update_session_auth_hash
+from django.contrib.auth import update_session_auth_hash, authenticate
 from django.contrib.auth.forms import PasswordChangeForm
+from django.contrib.auth.password_validation import validate_password
+from django.core.exceptions import ValidationError
 from django.db.models import Q
 from django.http import HttpResponseRedirect
 from django.shortcuts import render, get_object_or_404
@ -259,5 +261,35 @@ def history(request):
    return render(request, 'history.html', {'view_log': view_log, 'cook_log': cook_log})


+def setup(request):
+    if User.objects.count() > 0 or 'django.contrib.auth.backends.RemoteUserBackend' in settings.AUTHENTICATION_BACKENDS:
+        messages.add_message(request, messages.ERROR, _('The setup page can only be used to create the first user! If you have forgotten your superuser credentials please consult the django documentation on how to reset passwords.'))
+        return HttpResponseRedirect(reverse('login'))
+
+    if request.method == 'POST':
+        form = SuperUserForm(request.POST)
+        if form.is_valid():
+            if form.cleaned_data['password'] != form.cleaned_data['password_confirm']:
+                form.add_error('password', _('Passwords dont match!'))
+            else:
+                user = User(
+                    username=form.cleaned_data['name'],
+                    is_superuser=True
+                )
+                try:
+                    validate_password(form.cleaned_data['password'], user=user)
+                    user.set_password(form.cleaned_data['password'])
+                    user.save()
+                    messages.add_message(request, messages.SUCCESS, _('User has been created, please login!'))
+                    return HttpResponseRedirect(reverse('login'))
+                except ValidationError as e:
+                    for m in e:
+                        form.add_error('password', m)
+    else:
+        form = SuperUserForm()
+
+    return render(request, 'setup.html', {'form': form})
+
+
 def markdown_info(request):
    return render(request, 'markdown_info.html', {})